AIOps: The Power to Transform IT Operations and enhance Cybersecurity

Ken Corless, CTO of Cloud Practice and Principal, Deloitte Consulting LLP and Irfan Saif, Principal, Deloitte & Touche LLP, and Scott Keoseyan, Managing Director, Deloitte & Touche LLP
Ken Corless, CTO of Cloud Practice and Principal, Deloitte Consulting LLP

Ken Corless, CTO of Cloud Practice and Principal, Deloitte Consulting LLP

Artificial intelligence (AI) is becoming ubiquitous throughout all industries. It comprises a large umbrella of technologies such as machine learning (ML), natural language processing, intelligent automation, and more, that perform tasks that would typically require human intelligence. AI can be applied to virtually any organizational function to discover new insights and contexts from data, create abstractions that make work easier, and detect patterns and anomalies humans might miss. To be sure, AI is revolutionizing business.

One promising application of AI is to IT operations (ITOps), which is now commonly referred to as AIOps. Like many common IT terms, there is no single definition of AI Ops; we define it as:

Using Artificial Intelligence to enhance, streamline or automate IT Operations leveraging real-time first and third party data, machine learning, and cognitive technologies.

Why AIOps?

The “software-defined-everything” world leveraged by DevOps has created an immense advantage for those companies that have embraced it. However, as IT infrastructures increase in complexity, the ITOps team has a growing list of tasks they need to automate.

Adding to the challenges, newer technologies such as public clouds produce incredible amounts of data, and incredible amounts of noise. In fact, improving the signal-to-noise ratio in the vast array of data produced by information systems is one of the largest challenges in the modern IT environment.

Companies can employ AIOps technologies to meet those challenges and gain robust capabilities throughout all phases of ITOps. With a sound AIOps platform they can:

• Visualize and analyze vast data sets to gain deeper insights
• Automate pattern discovery to detect anomalies and make faster data correlations to reduce noise
• Perform more proactive, automated ITOps
• Mitigate risks with analytics capabilities that augment and exceed human capabilities

The goal of AIOps is two-fold: to automate as much of ITOps as possible and provide quicker, deeper insights for business leaders based on the data received from ITOps.It has the potential to help companies transform their ITOps, especially in critical areas such as cybersecurity.

Ause case for AIOps: Cybersecurity

While the benefits of AIOps span all facets of IT, no area is drawing more interest in AIOps than cybersecurity. The cyber-threat landscape is ever-evolving, and the threats are becoming more severe and numerous. Just ask any health care, financial, or governmental organization that’s been hit with a ransomware attack or suffered a data breach.

AIOps is a great approach to tackling cybersecurity challenges. Traditional human, rules-based approaches are not adequate to solve security issues at speed, with competence. However, with AIOps, companies can manage the balance of finite resources—both human and monetary—needed to enforce cybersecurity.They can also meet the challenges associated with the scale of cybersecurity issues—e.g., data volumes, event velocities, etc.—that make it nearly impossible for human teams to separate true signals from noise, detect and prioritize all potential threats, and effectively prioritize vulnerability mitigation activities.

With AIOps tools, technology teams can leverage the power and automation capabilities of analytics, AI,and ML to—in real-time—determine a baseline systems state, continually reassessthat baseline from a behavioral perspective, find outlier eventsamong the noise,and classify them as benign or suspicious. AIOps promises not only to monitor and notify, but help companies dynamically pivot actions based on real-time needs, events, or threats.

And those actions can be undertaken based on hard data, not anecdotal experience. This data-based decision-making capability gives CIOs/CTOs/CISOs a powerful weapon in their risk-assessment and mitigation portfolios, as well as peace of mind that they can anticipate and address threatsbefore they become disasters. With AIOps, companies can more effectively meet, and exceed, the demands placed on them from an ever-evolving threat landscape. That’s a powerful value proposition.

Getting started with AIOps

Because AIOps holds such potential, it’s hard not to jump at the chance to get on board. Jump, but do it judiciously. Don’t start with tools. Instead, start by identifying a problem or opportunity. As we discussed, cybersecurity is a good use case for AIOps. So are systems resiliency issues, inconsistent or poor application performance, and inability to trace the root cause of events that impact performance or cybersecurity. If you have any of these, or similar, challenges, you have a target to fix.

The good news is there are steps that can help get you started using AIOps.

1. Create a cross-functional team to set priorities. (e.g., cybersecurity, infrastructure, applications, etc.) And keep in mind, AIOps done well breaks down silos; it doesn’t create new ones.

2. Understand your data. Knowing what data you have and identifying relevant data you need to solve the problem(s) you’ve identified is a key success factor.

3. Start with a narrow focus within your problem area. (e.g., patch compliance, identity analytics). Look at areas where data might not be analyzed, or well understood, and where there can be tangible benefits (i.e. quick wins).

4. Pick an AIOps platform. Choose carefully. There are many new AIOps vendors,but most traditional ITOps tooling vendors now offerAIOps capabilitiestoo. Also, because you’ll be operating in a cloud environment, pay as you go; don’t enter a long term deal. You’ve got a lot of learning in front of you!

5. Integrate the AIOps platform. AIOps tools typically won’t replace all your existing tools. You’ll probably have to re-engineer some IT processes and review and tweak the ML learning models periodically.

6. Deploy and learn. As you iterate, you may have to rethink teams, processes, and methods. While you may not completely eliminate 30-person bridge calls, you can certainly reduce their frequency and size. Just remember, as with the cloud, AIOps is a journey. Learn from mistakes and repeat successes.

The bottom line

AIOps is a natural evolution for organizations that have seen the benefits of AI. With AIOps, you can automate much of your ITOps and gain quicker, deeper insights to help you make better decisions and enhance the security of your information infrastructure. However, as with any hyped technology, there are no silver bullets. Implementing AIOps will take old-fashioned hard work like evaluating tools, data, and processes to determine the right path for your organization. But with the potential of AIOps, the work will be well worth it.

Read Also

Why the C-Suite Must Embrace Cybersecurity

Why the C-Suite Must Embrace Cybersecurity

Chris Riley, President of U.S. Operations, SSH Communications Security
3 things CIOs and CISOs Need to Know to Keep their Company Secure

3 things CIOs and CISOs Need to Know to Keep their Company Secure

Malcolm Harkins, Chief Security and Trust Officer, Cylance
MINDFULNESS and your CYBERSECURITY Program

MINDFULNESS and your CYBERSECURITY Program

Ronald Mehring, CISO, Texas Health